Hi Team,

 

Are syslog products vulnerable to this vulnerability ?

 

Need to know if Syslog is affected:

 

CVE-2023-44487 is a vulnerability in the HTTP/2 protocol that was recently used to launch DDoS attacks. The vulnerability allows for denial of service (DoS) because request cancellation can reset many streams quickly. https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/

 

Thanks & Regards,

Prachi Mayekar

ITI-Network Services

A Contingent Worker at Intel

For assistance, please visit us at https://it.intel.com